RE: [exim] exim 4.43 and GnuTLS: How to control cipher negot…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MM-\Richard Welty at <-
.M.MPhilip Hazel at ->
Delete this message
Reply to this message
Author: Jan-Peter Koopmann
Date:  
To: Richard Welty, exim-users
CC: 
Subject: RE: [exim] exim 4.43 and GnuTLS: How to control cipher negotiation?
>>> very good reputation, so I'd choose AES128, 3DES,
>>> ARCFOUR128 and ARCFOUR40, in this order.
>
>> I second this!
>
> i won't second it because it's not strong enough.
>
> RC4 is not even obsolescent, it's obsolete. the barn door has
> been open on that one for a long long time.

Agreed. So if the two clients cannot negotiate on AES128 or 3DES you would rather have them communicate without any encryption just because RC4 has been cracked? If you choose to allow AES128/3DES only that is your decision to make. We are talking about the default ciphers here and to teach the components to favour AES128/3DES over ARCFOUR. I see no harm in that.

Regards,
JP


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Copy email to two addys. (exim4)Re: [exim] SMTP connections from *.client.comcast.net->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)